CVE-2021-25232

An improper access control vulnerability in Trend Micro Apex One (on-prem and SaaS) and OfficeScan XG SP1 could allow an unauthenticated user to obtain information about the SQL database.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
5.3 MEDIUM
NETWORK
LOW
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
trendmicroCNA
---
---
CVEADP
---
---
Awaiting analysis
This vulnerability is currently awaiting analysis.
Base Score
CVSS 3.x
EPSS Score
Percentile: 58%
References
https://success.trendmicro.com/solution/000284202
https://success.trendmicro.com/solution/000284205
https://www.zerodayinitiative.com/advisories/ZDI-21-107/
https://success.trendmicro.com/solution/000284202
https://success.trendmicro.com/solution/000284205
https://www.zerodayinitiative.com/advisories/ZDI-21-107/